r3864 - in trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series

Simon Horman horms at costa.debian.org
Mon Aug 15 06:19:16 UTC 2005 

Author: horms
Date: 2005-08-15 06:19:14 +0000 (Mon, 15 Aug 2005)
New Revision: 3864

Added:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/181_arch-x86_64-kernel-stack-faults.diff
Modified:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
Log:
    [Security, x86_64] Disable exception stack for stack faults   
    See CAN-2005-1767 


Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-08-15 06:15:37 UTC (rev 3863)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2005-08-15 06:19:14 UTC (rev 3864)
@@ -59,8 +59,13 @@
   * 180_fs-isofs-ignored-parameters.diff
     isofs ignores any mount parameters after iocharset, map or session.
 
- -- Simon Horman <horms at debian.org>  Fri, 12 Aug 2005 17:35:39 +0900
+  * 181_arch-x86_64-kernel-stack-faults.diff
+    [Security, x86_64] Disable exception stack for stack faults 
+    See CAN-2005-1767
 
+
+ -- Simon Horman <horms at debian.org>  Mon, 15 Aug 2005 15:18:03 +0900
+
 kernel-source-2.4.27 (2.4.27-10) unstable; urgency=low
 
   * 155_net-bluetooth-signdness-fix.diff:

Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/181_arch-x86_64-kernel-stack-faults.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/181_arch-x86_64-kernel-stack-faults.diff	2005-08-15 06:15:37 UTC (rev 3863)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/181_arch-x86_64-kernel-stack-faults.diff	2005-08-15 06:19:14 UTC (rev 3864)
@@ -0,0 +1,65 @@
+commit 51e31546a2fc46cb978da2ee0330a6a68f07541e
+tree d0ce9dbf6615dc17e2423d5967a940a2f667abb6
+parent 3a36ef7ace64c507f6b087071429dbfed7d2a96d
+author Andi Kleen <ak at suse.de> 1120139192 +0200
+committer Marcelo Tosatti <marcelo.tosatti at cyclades.com> 1120172534 -0300
+
+[PATCH] x86_64: Disable exception stack for stack faults
+
+Stack segment faults were executed on a exception stack. But they
+use the normal return path and can schedule there, but scheduling
+is not allowed on a exception stack.
+
+Just drop the exception stack for stack segment faults. This
+will make some oops triple fault now, but that's better than
+allowing user triggerable oops.
+
+Double faults still have this problem,  but if they happen you
+have enough other problems already that this one doesn't matter
+anymore.
+
+2.6 has a more complicated fix here that actually handles
+this properly, but for 2.4 the simple version is better.
+
+Found from RedHat QA using crashme
+
+Signed-off-by: Andi Kleen <ak at suse.de>
+
+I:100644 100644 e3fdfe1d4efc3a5dfa69d6a8ff37f65982a11955 16c04186194011a0806251d6c8b1ff2227411a8c M	arch/x86_64/kernel/traps.c
+I:100644 100644 3e7cac6e1b5f79c4e5a555d7b5525a9090e86b9a 45342a926f6f88b8bd273b634a269c684ceac873 M	include/asm-x86_64/processor.h
+
+Key:
+S: Skipped
+I: Included Included verbatim
+D: Deleted  Manually deleted by subsequent user edit
+R: Revised  Manually revised by subsequent user edit
+
+diff --git a/arch/x86_64/kernel/traps.c b/arch/x86_64/kernel/traps.c
+--- a/arch/x86_64/kernel/traps.c
++++ b/arch/x86_64/kernel/traps.c
+@@ -857,7 +857,7 @@ void __init trap_init(void)
+ 	set_intr_gate(9,&coprocessor_segment_overrun);
+ 	set_intr_gate(10,&invalid_TSS);
+ 	set_intr_gate(11,&segment_not_present);
+-	set_intr_gate_ist(12,&stack_segment,STACKFAULT_STACK);
++	set_intr_gate(12,&stack_segment);
+ 	set_intr_gate(13,&general_protection);
+ 	set_intr_gate(14,&page_fault);
+ 	set_intr_gate(15,&spurious_interrupt_bug);
+diff --git a/include/asm-x86_64/processor.h b/include/asm-x86_64/processor.h
+--- a/include/asm-x86_64/processor.h
++++ b/include/asm-x86_64/processor.h
+@@ -325,10 +325,9 @@ struct thread_struct {
+ #define INIT_MMAP \
+ { &init_mm, 0, 0, NULL, PAGE_SHARED, VM_READ | VM_WRITE | VM_EXEC, 1, NULL, NULL }
+ 
+-#define STACKFAULT_STACK 1
+-#define DOUBLEFAULT_STACK 2 
+-#define NMI_STACK 3 
+-#define N_EXCEPTION_STACKS 3  /* hw limit: 7 */
++#define DOUBLEFAULT_STACK 1
++#define NMI_STACK 2
++#define N_EXCEPTION_STACKS 2  /* hw limit: 7 */
+ #define EXCEPTION_STKSZ PAGE_SIZE
+ #define EXCEPTION_STK_ORDER 0
+ 

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11	2005-08-15 06:15:37 UTC (rev 3863)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-11	2005-08-15 06:19:14 UTC (rev 3864)
@@ -13,3 +13,4 @@
 + 178_fs_ext2_ext3_xattr-sharing.diff
 + 179_net-ipv4-netfilter-ip_recent-last_pkts.diff
 + 180_fs-isofs-ignored-parameters.diff
++ 181_arch-x86_64-kernel-stack-faults.diff

More information about the Kernel-svn-changes mailing list